Wednesday, November 28, 2012

Security of the morning calm

In early November 2012, the SCADAStrangeLove striking force was thoughtless enough to accept an offer to speak at the Power of Community (POC) conference held in Seoul, South Korea. While I am still under the impression, I want to tell you how they do security in the Land of the Morning Freshness.
Many photos are under the cut.

About Conference

POC is the largest event relative to the information security sphere. The conference gathered more than 300 specialists from Korea, China, Japan, and other neighboring countries. This is the 7th time the event was held.
The Power of Community's official site:
Hashtag on Twitter: #POC2012
This time three Russians were present at the conference: Sergey Gordeychik, Gleb Gritsay and Alexander Polyakov.

POC Preparty. Here we are

However, there were much more people who spoke Russian. Andrey Kostin (roots src=USSR) was present along with Tom Creedon (ex-NSA and the winner of Drinking Hell).

All of a sudden Tao Wan gave us a stunning karaoke performance, singing "Black Raven" and "Moscow Nights". That's how you know that Russia is the Far Eastern State.

PS. Additional links for Russian-style karaoke ([1] [2] [3])

Power of XX

The contest is held within one group. Meanwhile several hacking contests are held in a separate room.
In addition to various geek contests (such as blind programming, overclockers battles) this time a real surprise was sprang — a CTF contest for girls only.

That's what the Power of XX is all about

I wasn't able to take part in the contest and to estimate the level of sophistication cause of my chromosome set being unfit for this kind of activity. Anyway, HexView, Burp and OllyDbg were at the laptop screen, so it's OK.

Pussy Cat won the contest left secu not far behind.

I think any team have a good chance at PHDays III CTF Quals.


The program of the conference is oriented towards practical aspects of information security. However, the organizers just included reports of the world's leading experts without considering the "general line of the party" or something.

Local features: a number of reports were delivered in Korean and Chinese, which complicated the understanding process in a way. When the presentation slides were a hieroglyphic video art itself, all I could do is to catch the speakers upon the completion. Luckily, the area wasn't too big.
So the conclusion is: presentations should be prepared in English.

Mmmm... Simultaneous translation?

For me, I liked the report of Tao Wan about Chinese hacking scene. Reports about Windows 8 should be marked out, as well. Chengyun Chu (Microsoft) provided a review on the operating system's new inbuilt security tools saying it would be difficult to develop exploits for the system. The expert was followed by MJ0011 who demonstrated several bypassing techniques.

Reports about attacks against online games (Luigi Auriemma and Donato Ferrante) were not bad. Several zero-day vulnerabilities will certainly be of interest for cheaters. It was the first time for Luigi to speak at a large event, and he was a little bit nervous. I had to consult him on how to cope with the "bad adrenalin" effect. I hope it helped him.

By the way, Donato and Luigi together decided to create a company, [Re]Vuln. It is really great when talented people decide to do something new together. Good luck, guys!

Andrei Costin was unfaithful to his adorable printers and spoke about the security system ADS-B, to be more exact, about total lack of any security system. Forgery of aircraft positioning data, false notifications of malfunctioning and a terroristic threat — all this is possible if you are not lazy.

 There was a lot of other good stuff there.

About our good self

Gleb Gritsay and I went on with further developments in "Die Hard 4.0".

SCADAStrangeLove on air

The current results of our s research in the ICS information security field were presented in the report "SCADA Strangelove: How I Learned to Start Worrying and Love Nuclear Plants". Apart from couple of dozen vulnerabilities in PLC/SCADA/HMI, including Siemens SIMATIC WinCC, we presented PLCScan utilities, Metasploit module for WinCC Harvester and SurfPatrol-based tool for the HMI systems fingerprinting. To get more information about release, please visit

Yes, we are!

Right after our speech, we received an invitation to take part in the AV Tokyo conference. I consider it shows in a modest way that we didn't dig the industry systems code and wear a hard hat at audits for nothing.

Rule of SCADA hacker: no helmet - no bonus!

Unfortunately, I had to refuse the visit the capital of the Land of the Rising Sun. Positive Technologies celebrated it's 10th anniversary that time. So instead of having fun with the Japanese hacking community, I had to speak in Moscow at the corporate party.

 Japanese hacking community rocks!

Power of Community

An integral part of any successful conference is a get-together. POC2012 provided everything necessary for it: traditional Korean lunches, formal and informal parties, battles with Benny for the necessity to drink local beer despite Leffe in the menu... 

Unfortunately, I failed to fight for the honor of the Russian people in Drinking Hell. I found this competition being prepared.

Drinking Hell under construction

However, Gleb did not let us down and took the third place.


I would like to say a couple of words about the Korean cuisine. For me as a person who was born in Russian Far East and grew up eating kimchi, carrot salad, and dried calamari, not speaking of instant ramen Dosirak (main students' food), visit to Korea became celebration for the soul and stomach. Food was tasty everywhere from a Michelin restaurant to a food stand. Though you should remember that tasty and spicy in the Korean culture are almost synonyms.


I've heard about the beauty of the Moscow subway very often. Guys, you might not be in the Seoul metro.

Simple, " not beautiful" metro in Seoul

All in all, Seoul amazes by the combination of skyscrapers, Buddhist temples, hi-tech gadgets, and traditional exercises in the subway, street, and just everywhere...


I left POC2012 with a lot of ideas, new acquaintances, and little regret. It means everything was perfect!
Thanks to the organizers and personally to Vangelis, to the speakers and all the participants for such a good event!

Preparing to POC2012

P.S. Gleb and Alexander played with the multimedia system AirBus in a plane from Seoul to Moscow. 

P.P.S. Several links to the articles devoted to our report


No comments:

Post a Comment